Allow both strings to be omitted in "${if" expansions: the true value
[exim.git] / doc / doc-txt / NewStuff
CommitLineData
063b1e99 1$Cambridge: exim/doc/doc-txt/NewStuff,v 1.11 2004/11/17 16:12:26 ph10 Exp $
495ae4b0
PH
2
3New Features in Exim
4--------------------
5
6This file contains descriptions of new features that have been added to Exim,
7but have not yet made it into the main manual (which is most conveniently
8updated when there is a relatively large batch of changes). The doc/ChangeLog
9file contains a listing of all changes, including bug fixes.
10
11
35edf2ff
PH
12Version 4.44
13------------
14
15 1. There is a new build-time option called CONFIGURE_GROUP which works like
16 CONFIGURE_OWNER. It specifies one additional group that is permitted for
17 the runtime configuration file when the group write permission is set.
18
69358f02
PH
19 2. The "control=submission" facility has a new option /retain_sender. This
20 has the effect of setting local_sender_retain true and local_from_check
21 false for the incoming message in which it is encountered.
22
5131419f
PH
23 3. $recipients is now available in the predata ACL (oversight).
24
25 4. The value of address_data from a sender verification is now available in
26 $sender_address_data in subsequent conditions in the ACL statement. Note:
27 this is just like $address_data. The value does not persist after the end
28 of the current ACL statement. If you want to preserve it, you can use one
29 of the ACL variables.
30
23c7ff99
PH
31 5. The redirect router has two new options: forbid_sieve_filter and
32 forbid_exim_filter. When filtering is enabled by allow_filter, these
33 options control which type(s) of filtering are permitted. By default, both
34 Exim and Sieve filters are allowed.
35
4deaf07d
PH
36 6. A new option for callouts makes it possible to set a different (usually
37 smaller) timeout for making the SMTP connection. The keyword is "connect".
38 For example:
39
40 verify = sender/callout=5s,connect=1s
41
42 If not specified, it defaults to the general timeout value.
43
2c7db3f5
PH
44 7. The new variables $sender_verify_failure and $recipient_verify_failure
45 contain information about exactly what failed. In an ACL, after one of
46 these failures, the relevant variable contains one of the following words:
47
48 qualify the address was unqualified (no domain), and the message
49 was neither local nor came from an exempted host;
50
51 route routing failed;
52
53 mail routing succeeded, and a callout was attempted; rejection
54 occurred at or before the MAIL command (that is, on initial
55 connection, HELO, or MAIL);
56
57 recipient the RCPT command in a callout was rejected;
58
59 postmaster the postmaster check in a callout was rejected.
60
61 The main use of these variables is expected to be to distinguish between
62 rejections of MAIL and rejections of RCPT.
63
3d235903
PH
64 8. The command line option -dd behaves exactly like -d except when used on a
65 command that starts a daemon process. In that case, debugging is turned off
66 for the subprocesses that the daemon creates. Thus, it is useful for
67 monitoring the behaviour of the daemon without creating as much output as
68 full debugging.
69
d4eb88df
PH
70 9. $host_address is now set to the target address during the checking of
71 ignore_target_hosts.
72
5cb8cbc6
PH
7310. There are four new variables called $spool_space, $log_space,
74 $spool_inodes, and $log_inodes. The first two contain the amount of free
75 space in the disk partitions where Exim has its spool directory and log
76 directory, respectively. (When these are in the same partition, the values
77 will, of course, be the same.) The second two variables contain the numbers
78 of free inodes in the respective partitions.
79
80 NOTE: Because disks can nowadays be very large, the values in the space
81 variables are in kilobytes rather than in bytes. Thus, for example, to
82 check in an ACL that there is at least 50M free on the spool, you would
83 write:
84
85 condition = ${if > {$spool_space}{50000}{yes}{no}}
86
87 The values are recalculated whenever any of these variables is referenced.
88 If the relevant file system does not have the concept of inodes, the value
89 of those variables is -1. If the operating system does not have the ability
90 to find the amount of free space (only true for experimental systems), the
91 space value is -1.
2c7db3f5 92
063b1e99
PH
9311. It is now permitted to omit both strings after an "if" condition; if the
94 condition is true, the result is the string "true". As before, when the
95 second string is omitted, a false condition yields an empty string. This
96 makes it less cumbersome to write custom ACL and router conditions. For
97 example, instead of
98
99 condition = ${if eq {$acl_m4}{1}{yes}{no}}
100
101 or the shorter form
102
103 condition = ${if eq {$acl_m4}{1}{yes}}
104
105 (because the second string has always defaulted to ""), you can now write
106
107 condition = ${if eq {$acl_m4}{1}}
108
109 Previously this was a syntax error.
110
35edf2ff 111
495ae4b0
PH
112Version 4.43
113------------
114
115 1. There is a new Boolean global option called mua_wrapper, defaulting false.
116 This causes Exim to run an a restricted mode, in order to provide a very
117 specific service.
118
119 Background: On a personal computer, it is a common requirement for all
120 email to be sent to a smarthost. There are plenty of MUAs that can be
121 configured to operate that way, for all the popular operating systems.
122 However, there are MUAs for Unix-like systems that cannot be so configured:
123 they submit messages using the command line interface of
124 /usr/sbin/sendmail. In addition, utility programs such as cron submit
125 messages this way.
126
127 Requirement: The requirement is for something that can provide the
128 /usr/sbin/sendmail interface and deliver messages to a smarthost, but not
129 provide any queueing or retrying facilities. Furthermore, the delivery to
130 the smarthost should be synchronous, so that if it fails, the sending MUA
131 is immediately informed. In other words, we want something that in effect
132 converts a command-line MUA into a TCP/SMTP MUA.
133
134 Solutions: There are a number of applications (for example, ssmtp) that do
135 this job. However, people have found them to be lacking in various ways.
136 For instance, some sites want to allow aliasing and forwarding before
137 sending to the smarthost.
138
139 Using Exim: Exim already had the necessary infrastructure for doing this
140 job. Just a few tweaks were needed to make it behave as required, though it
141 is somewhat of an overkill to use a fully-featured MTA for this purpose.
142
143 Setting mua_wrapper=true causes Exim to run in a special mode where it
144 assumes that it is being used to "wrap" a command-line MUA in the manner
145 just described.
146
147 If you set mua_wrapper=true, you also need to provide a compatible router
148 and transport configuration. Typically there will be just one router and
149 one transport, sending everything to a smarthost.
150
151 When run in MUA wrapping mode, the behaviour of Exim changes in the
152 following ways:
153
154 (a) A daemon cannot be run, nor will Exim accept incoming messages from
155 inetd. In other words, the only way to submit messages is via the
156 command line.
157
158 (b) Each message is synchonously delivered as soon as it is received (-odi
159 is assumed). All queueing options (queue_only, queue_smtp_domains,
160 control=queue, control=freeze in an ACL etc.) are quietly ignored. The
161 Exim reception process does not finish until the delivery attempt is
162 complete. If the delivery was successful, a zero return code is given.
163
164 (c) Address redirection is permitted, but the final routing for all
165 addresses must be to the same remote transport, and to the same list of
166 hosts. Furthermore, the return_address must be the same for all
167 recipients, as must any added or deleted header lines. In other words,
168 it must be possible to deliver the message in a single SMTP
169 transaction, however many recipients there are.
170
171 (d) If the conditions in (c) are not met, or if routing any address results
172 in a failure or defer status, or if Exim is unable to deliver all the
173 recipients successfully to one of the hosts immediately, delivery of
174 the entire message fails.
175
176 (e) Because no queueing is allowed, all failures are treated as permanent;
177 there is no distinction between 4xx and 5xx SMTP response codes from
178 the smarthost. Furthermore, because only a single yes/no response can
179 be given to the caller, it is not possible to deliver to some
180 recipients and not others. If there is an error (temporary or
181 permanent) for any recipient, all are failed.
182
183 (f) If more than one host is listed, Exim will try another host after a
184 connection failure or a timeout, in the normal way. However, if this
185 kind of failure happens for all the hosts, the delivery fails.
186
187 (g) When delivery fails, an error message is written to the standard error
188 stream (as well as to Exim's log), and Exim exits to the caller with a
189 return code value 1. The message is expunged from Exim's spool files.
190 No bounce messages are ever generated.
191
192 (h) No retry data is maintained, and any retry rules are ignored.
193
194 (i) A number of Exim options are overridden: deliver_drop_privilege is
195 forced true, max_rcpt in the smtp transport is forced to "unlimited",
196 remote_max_parallel is forced to one, and fallback hosts are ignored.
197
198 The overall effect is that Exim makes a single synchronous attempt to
199 deliver the message, failing if there is any kind of problem. Because no
200 local deliveries are done and no daemon can be run, Exim does not need root
201 privilege. It should be possible to run it setuid=exim instead of
202 setuid=root. See section 48.3 in the 4.40 manual for a general discussion
203 about the advantages and disadvantages of running without root privilege.
204
205 2. There have been problems with DNS servers when SRV records are looked up.
206 Some mis-behaving servers return a DNS error or timeout when a non-existent
207 SRV record is sought. Similar problems have in the past been reported for
208 MX records. The global dns_again_means_nonexist option can help with this
209 problem, but it is heavy-handed because it is a global option. There are
210 now two new options for the dnslookup router. They are called
211 srv_fail_domains and mx_fail_domains. In each case, the value is a domain
212 list. If an attempt to look up an SRV or MX record results in a DNS failure
213 or "try again" response, and the domain matches the relevant list, Exim
214 behaves as if the DNS had responded "no such record". In the case of an SRV
215 lookup, this means that the router proceeds to look for MX records; in the
216 case of an MX lookup, it proceeds to look for A or AAAA records, unless the
217 domain matches mx_domains.
218
219 3. The following functions are now available in the local_scan() API:
220
221 (a) void header_remove(int occurrence, uschar *name)
222
223 This function removes header lines. If "occurrence" is zero or negative,
224 all occurrences of the header are removed. If occurrence is greater
225 than zero, that particular instance of the header is removed. If no
226 header(s) can be found that match the specification, the function does
227 nothing.
228
229 (b) BOOL header_testname(header_line *hdr, uschar *name, int length,
230 BOOL notdel)
231
232 This function tests whether the given header has the given name. It
233 is not just a string comparison, because whitespace is permitted
234 between the name and the colon. If the "notdel" argument is TRUE, a
235 FALSE return is forced for all "deleted" headers; otherwise they are
236 not treated specially. For example:
237
238 if (header_testname(h, US"X-Spam", 6, TRUE)) ...
239
240 (c) void header_add_at_position(BOOL after, uschar *name, BOOL topnot,
241 int type, char *format, ...)
242
243 This function adds a new header line at a specified point in the header
244 chain. If "name" is NULL, the new header is added at the end of the
245 chain if "after" is TRUE, or at the start if "after" is FALSE. If
246 "name" is not NULL, the headers are searched for the first non-deleted
247 header that matches the name. If one is found, the new header is added
248 before it if "after" is FALSE. If "after" is true, the new header is
249 added after the found header and any adjacent subsequent ones with the
250 same name (even if marked "deleted"). If no matching non-deleted header
251 is found, the "topnot" option controls where the header is added. If it
252 is TRUE, addition is at the top; otherwise at the bottom. Thus, to add
253 a header after all the Received: headers, or at the top if there are no
254 Received: headers, you could use
255
256 header_add_at_position(TRUE, US"Received", TRUE, ' ', "X-xxx: ...");
257
258 Normally, there is always at least one non-deleted Received: header,
259 but there may not be if received_header_text expands to an empty
260 string.
261
262 (d) BOOL receive_remove_recipient(uschar *recipient)
263
264 This is a convenience function to remove a named recipient from the
265 list of recipients. It returns TRUE if a recipient was removed, and
266 FALSE if no matching recipient could be found. The argument must be a
267 complete email address.
268
269 4. When an ACL "warn" statement adds one or more header lines to a message,
270 they are added at the end of the existing header lines by default. It is
271 now possible to specify that any particular header line should be added
272 right at the start (before all the Received: lines) or immediately after
273 the first block of Received: lines in the message. This is done by
274 specifying :at_start: or :after_received: (or, for completeness, :at_end:)
275 before the text of the header line. (Header text cannot start with a colon,
276 as there has to be a header name first.) For example:
277
278 warn message = :after_received:X-My-Header: something or other...
279
280 If more than one header is supplied in a single warn statement, each one is
281 treated independently and can therefore be placed differently. If you add
282 more than one line at the start, or after the Received: block, they will
283 end up in reverse order.
284
285 Warning: This facility currently applies only to header lines that are
286 added in an ACL. It does NOT work for header lines that are added in a
287 system filter or in a router or transport.
288
289 5. There is now a new error code that can be used in retry rules. Its name is
290 "rcpt_4xx", and there are three forms. A literal "rcpt_4xx" matches any 4xx
291 error received for an outgoing SMTP RCPT command; alternatively, either the
292 first or both of the x's can be given as digits, for example: "rcpt_45x" or
293 "rcpt_436". If you want (say) to recognize 452 errors given to RCPT
294 commands by a particular host, and have only a one-hour retry for them, you
295 can set up a retry rule of this form:
296
297 the.host.name rcpt_452 F,1h,10m
298
299 Naturally, this rule must come before any others that would match.
300
301 These new errors apply to both outgoing SMTP (the smtp transport) and
302 outgoing LMTP (either the lmtp transport, or the smtp transport in LMTP
303 mode). Note, however, that they apply only to responses to RCPT commands.
304
305 6. The "postmaster" option of the callout feature of address verification has
306 been extended to make it possible to use a non-empty MAIL FROM address when
307 checking a postmaster address. The new suboption is called "postmaster_
308 mailfrom", and you use it like this:
309
310 require verify = sender/callout=postmaster_mailfrom=abc@x.y.z
311
312 Providing this suboption causes the postmaster check to be done using the
313 given address. The original "postmaster" option is equivalent to
314
315 require verify = sender/callout=postmaster_mailfrom=
316
317 If both suboptions are present, the rightmost one overrides.
318
319 Important notes:
320
321 (1) If you use a non-empty sender address for postmaster checking, there is
322 the likelihood that the remote host will itself initiate a callout
323 check back to your host to check that address. As this is a "normal"
324 callout check, the sender will most probably be empty, thus avoiding
325 possible callout loops. However, to be on the safe side it would be
326 best to set up your own ACLs so that they do not do sender verification
327 checks when the recipient is the address you use for postmaster callout
328 checking.
329
330 (2) The caching arrangements for postmaster checking do NOT take account of
331 the sender address. It is assumed that either the empty address, or a
332 fixed non-empty address will be used. All that Exim remembers is that
333 the postmaster check for the domain succeeded or failed.
334
335 7. When verifying addresses in header lines using the verify=header_sender
336 option, Exim behaves by default as if the addresses are envelope sender
337 addresses from a message. Callout verification therefore tests to see
338 whether a bounce message could be delivered, by using an empty address in
339 the MAIL FROM command. However, it is arguable that these addresses might
340 never be used as envelope senders, and could therefore justifiably reject
341 bounce messages (empty senders). There is now an additional callout option
342 for verify=header_sender that allows you to specify what address to use in
343 the MAIL FROM command. You use it as in this example:
344
345 require verify = header_sender/callout=mailfrom=abcd@x.y.z
346
347 Important notes:
348
349 (1) As in the case of postmaster_mailfrom (see above), you should think
350 about possible loops.
351
352 (2) In this case, as in the case of recipient callouts with non-empty
353 senders (the use_sender option), caching is done on the basis of a
354 recipient/sender pair.
355
356 8. If you build Exim with USE_READLINE=yes in Local/Makefile, it will try to
357 load libreadline dynamically whenever the -be (test expansion) option is
358 used without command line arguments. If successful, it will then use
359 readline() for reading the test data. A line history is supported. By the
360 time Exim does this, it is running as the calling user, so this should not
361 cause any security problems. Security is the reason why this is NOT
362 supported for -bt or -bv, when Exim is running as root or exim,
363 respectively. Note that this option adds to the size of the Exim binary,
364 because the dynamic loading library is not otherwise included. On my
365 desktop it adds about 2.5K. You may need to add -ldl to EXTRA_LIBS when you
366 set USE_READLINE=yes.
367
368 9. Added ${str2b64:<string>} to the expansion operators. This operator
369 converts an arbitrary string into one that is base64 encoded.
370
37110. A new authenticator, called cyrus_sasl, has been added. This requires
372 the presence of the Cyrus SASL library; it authenticates by calling this
373 library, which supports a number of authentication mechanisms, including
374 PLAIN and LOGIN, but also several others that Exim does not support
375 directly. The code for this authenticator was provided by Matthew
376 Byng-Maddick of A L Digital Ltd (http://www.aldigital.co.uk). Here follows
377 draft documentation:
378
379 xx. THE CYRUS_SASL AUTHENTICATOR
380
381 The cyrus_sasl authenticator provides server support for the Cyrus library
382 Implementation of the RFC 2222 "Simple Authentication and Security Layer".
383 It provides a gatewaying mechanism directly to the Cyrus interface, so if
384 your Cyrus library can do, for example, CRAM-MD5, then so can the
385 cyrus_sasl authenticator. By default it uses the public name of the driver
386 to determine which mechanism to support.
387
388 Where access to some kind of secret file is required, for example in GSSAPI
389 or CRAM-MD5, it is worth noting that the authenticator runs as the exim
390 user, and that the Cyrus SASL library has no way of escalating privileges
391 by default. You may also find you need to set environment variables,
392 depending on the driver you are using.
393
394 xx.1 Using cyrus_sasl as a server
395
396 The cyrus_sasl authenticator has four private options. It puts the username
397 (on a successful authentication) into $1.
398
399 server_hostname Type: string* Default: $primary_hostname
400
401 This option selects the hostname that is used when communicating with
402 the library. It is up to the underlying SASL plug-in what it does with
403 this data.
404
405 server_mech Type: string Default: public_name
406
407 This option selects the authentication mechanism this driver should
408 use. It allows you to use a different underlying mechanism from the
409 advertised name. For example:
410
411 sasl:
412 driver = cyrus_sasl
413 public_name = X-ANYTHING
414 server_mech = CRAM-MD5
415 server_set_id = $1
416
417 server_realm Type: string Default: unset
418
419 This is the SASL realm that the server is claiming to be in.
420
421 server_service Type: string Default: "smtp"
422
423 This is the SASL service that the server claims to implement.
424
425 For straigthforward cases, you do not need to set any of the
426 authenticator's private options. All you need to do is to specify an
427 appropriate mechanism as the public name. Thus, if you have a SASL library
428 that supports CRAM-MD5 and PLAIN, you might have two authenticators as
429 follows:
430
431 sasl_cram_md5:
432 driver = cyrus_sasl
433 public_name = CRAM-MD5
434 server_set_id = $1
435
436 sasl_plain:
437 driver = cyrus_sasl
438 public_name = PLAIN
439 server_set_id = $1
440
44111. There is a new global option called tls_on_connect_ports. Its value must be
442 a list of port numbers; the most common use is expected to be
443
444 tls_on_connect_ports = 465
445
446 Setting this option has the same effect as -tls-on-connect on the command
447 line, but only for the specified ports. It applies to all connections, both
448 via the daemon and via inetd. You still need to specify all the ports for
449 the daemon (using daemon_smtp_ports or local_interfaces or the -X command
450 line option) because this option does not add an extra port -- rather, it
451 specifies different behaviour on a port that is defined elsewhere. The
452 -tls-on-connect command line option overrides tls_on_connect_ports, and
453 forces tls-on-connect for all ports.
454
45512. There is a new ACL that is run when a DATA command is received, before the
456 data itself is received. The ACL is defined by acl_smtp_predata. (Compare
457 acl_smtp_data, which is run after the data has been received.)
458 This new ACL allows a negative response to be given to the DATA command
459 itself. Header lines added by MAIL or RCPT ACLs are not visible at this
460 time, but any that are defined here are visible when the acl_smtp_data ACL
461 is run.
462
46313. The "control=submission" ACL modifier has an option "/domain=xxx" which
464 specifies the domain to be used when creating From: or Sender: lines using
465 the authenticated id as a local part. If the option is supplied with an
466 empty domain, that is, just "/domain=", Exim assumes that the authenticated
467 id is a complete email address, and it uses it as is when creating From:
468 or Sender: lines.
469
47014. It is now possible to make retry rules that apply only when the failing
471 message has a specific sender. In particular, this can be used to define
472 retry rules that apply only to bounce messages. The syntax is to add a new
473 third item to a retry rule, of the form "senders=<address list>". The retry
474 timings themselves then become the fourth item. For example:
475
476 * * senders=: F,1h,30m
477
478 would match all bounce messages. If the address list contains white space,
479 it must be enclosed in quotes. For example:
480
481 a.domain timeout senders="x@b.dom : y@c.dom" G,8h,10m,1.5
482
483 When testing retry rules using -brt, you can supply a sender using the -f
484 command line option, like this:
485
486 exim -f "" -brt user@dom.ain
487
488 If you do not set -f with -brt, a retry rule that contains a senders list
489 will never be matched.
490
49115. Two new control modifiers have been added to ACLs: "control = enforce_sync"
492 and "control = no_enforce_sync". This makes it possible to be selective
493 about when SMTP synchronization is enforced. The global option
494 smtp_enforce_sync now specifies the default state of the switch. These
495 controls can appear in any ACL, but the most obvious place to put them is
496 in the ACL defined by acl_smtp_connect, which is run at the start of an
497 incoming SMTP connection, before the first synchronization check.
498
49916. Another two new control modifiers are "control = caseful_local_part" and
500 "control = caselower_local_part". These are permitted only in the ACL
501 specified by acl_smtp_rcpt (i.e. during RCPT processing). By default, the
502 contents of $local_part are lower cased before ACL processing.
503 After "control = caseful_local_part", any uppercase letters in the original
504 local part are restored in $local_part for the rest of the ACL, or until
505 "control = caselower_local_part" is encountered. However, this applies only
506 to local part handling that takes place directly in the ACL (for example,
507 as a key in lookups). If a "verify = recipient" test is obeyed, the
508 case-related handling of the local part during the verification is
509 controlled by the router configuration (see the caseful_local_part generic
510 router option).
511
512 This facility could be used, for example, to add a spam score to local
513 parts containing upper case letters. For example, using $acl_m4 to
514 accumulate the spam score:
515
516 warn control = caseful_local_part
517 set acl_m4 = ${eval:\
518 $acl_m4 + \
519 ${if match{$local_part}{[A-Z]}{1}{0}}\
520 }
521 control = caselower_local_part
522
523 Notice that we put back the lower cased version afterwards, assuming that
524 is what is wanted for subsequent tests.
525
52617. The option hosts_connection_nolog is provided so that certain hosts can be
527 excepted from logging when the +smtp_connection log selector is set. For
528 example, you might want not to log SMTP connections from local processes,
529 or from 127.0.0.1, or from your local LAN. The option is a host list with
530 an unset default. Because it is consulted in the main loop of the daemon,
531 you should strive to restrict its value to a short inline list of IP
532 addresses and networks. To disable logging SMTP connections from local
533 processes, you must create a host list with an empty item. For example:
534
535 hosts_connection_nolog = :
536
537 If the +smtp_connection log selector is not set, this option has no effect.
538
53918. There is now an acl called acl_smtp_quit, which is run for the QUIT
540 command. The outcome of the ACL does not affect the response code to QUIT,
541 which is always 221. Thus, the ACL does not in fact control any access.
542 For this reason, the only verbs that are permitted are "accept" and "warn".
543
544 The ACL can be used for tasks such as custom logging at the end of an SMTP
545 session. For example, you can use ACL variables in other ACLs to count
546 messages, recipients, etc., and log the totals at QUIT time using one or
547 more "logwrite" modifiers on a "warn" command.
548
549 You do not need to have a final "accept", but if you do, you can use a
550 "message" modifier to specify custom text that is sent as part of the 221
551 response.
552
553 This ACL is run only for a "normal" QUIT. For certain kinds of disastrous
554 failure (for example, failure to open a log file, or when Exim is bombing
555 out because it has detected an unrecoverable error), all SMTP commands
556 from the client are given temporary error responses until QUIT is received
557 or the connection is closed. In these special cases, the ACL is not run.
558
55919. The appendfile transport has two new options, mailbox_size and mailbox_
560 filecount. If either these options are set, it is expanded, and the result
561 is taken as the current size of the mailbox or the number of files in the
562 mailbox, respectively. This makes it possible to use some external means of
563 maintaining the data about the size of a mailbox for enforcing quota
564 limits. The result of expanding these option values must be a decimal
565 number, optionally followed by "K" or "M".
566
56720. It seems that there are broken clients in use that cannot handle multiline
568 SMTP responses. Can't people who implement these braindead programs read?
569 RFC 821 mentions multiline responses, and it is over 20 years old. They
570 must handle multiline responses for EHLO, or do they still use HELO?
571 Anyway, here is YAWFAB (yet another workaround for asinine brokenness).
572 There's a new ACL switch that can be set by
573
574 control = no_multiline_responses
575
576 If this is set, it suppresses multiline SMTP responses from ACL rejections.
577 One way of doing this would have been just to put out these responses as
578 one long line. However, RFC 2821 specifies a maximum of 512 bytes per
579 response ("use multiline responses for more" it says), and some of the
580 responses might get close to that. So I have implemented this by doing two
581 very easy things:
582
583 (1) Extra information that is normally output as part of a rejection
584 caused by sender verification failure is omitted. Only the final line
585 (typically "sender verification failed") is now sent.
586
587 (2) If a "message" modifier supplies a multiline response, only the first
588 line is output.
589
590 The setting of the switch can, of course, be made conditional on the
591 calling host.
592
59321. There is now support for the libradius library that comes with FreeBSD.
594 This is an alternative to the radiusclient library that Exim already
595 supports. To use the FreeBSD library, you need to set
596
597 RADIUS_LIB_TYPE=RADLIB
598
599 in Local/Makefile, in addition to RADIUS_CONFIGURE_FILE, and you probably
600 also need -libradius in EXTRALIBS.
601
602
603Version 4.42
604------------
605
606 1. The "personal" filter test is brought up-to-date with recommendations from
607 the Sieve specification: (a) The list of non-personal From: addresses now
608 includes "listserv", "majordomo", and "*-request"; (b) If the message
609 contains any header line starting with "List=-" it is treated as
610 non-personal.
611
612 2. The Sieve functionality has been extended to support the "copy" and
613 "vacation" extensions, and comparison tests.
614
615 3. There is now an overall timeout for performing a callout verification. It
616 defaults to 4 times the callout timeout, which applies to individual SMTP
617 commands during the callout. The overall timeout applies when there is more
618 than one host that can be tried. The timeout is checked before trying the
619 next host. This prevents very long delays if there are a large number of
620 hosts and all are timing out (e.g. when the network connections are timing
621 out). The value of the overall timeout can be changed by specifying an
622 additional sub-option for "callout", called "maxwait". For example:
623
624 verify = sender/callout=5s,maxwait=20s
625
626 4. Changes to the "personal" filter test:
627
628 (1) The list of non-personal local parts in From: addresses has been
629 extended to include "listserv", "majordomo", "*-request", and "owner-*",
630 taken from the Sieve specification recommendations.
631
632 (2) If the message contains any header line starting with "List-" it is
633 treated as non-personal.
634
635 (3) The test for "circular" in the Subject: header line has been removed
636 because it now seems ill-conceived.
637
638 5. The autoreply transport has a new option called never_mail. This is an
639 address list. If any run of the transport creates a message with a
640 recipient that matches any item in the list, that recipient is quietly
641 discarded. If all recipients are discarded, no message is created.
642
643
644Version 4.40
645------------
646
647The documentation is up-to-date for the 4.40 release. What follows here is a
648brief list of the new features that have been added since 4.30.
649
650 1. log_incoming_interface affects more log lines.
651
652 2. New ACL modifier "control = submission".
653
654 3. CONFIGURE_OWNER can be set at build time to define an alternative owner for
655 the configuration file, in addition to root and exim.
656
657 4. Added expansion variables $body_zerocount, $recipient_data, and
658 $sender_data.
659
660 5. The time of last modification of the "new" subdirectory is now used as the
661 "mailbox time last read" when there is a quota error for a maildir
662 delivery.
663
664 6. The special item "+ignore_unknown" may now appear in host lists.
665
666 7. The special domain-matching patterns @mx_any, @mx_primary, and
667 @mx_secondary can now be followed by "/ignore=<ip list>".
668
669 8. New expansion conditions: match_domain, match_address, match_local_part,
670 lt, lti, le, lei, gt, gti, ge, and new expansion operators time_interval,
671 eval10, and base62d.
672
673 9. New lookup type called "iplsearch".
674
67510. New log selectors ident_timeout, tls_certificate_verified, queue_time,
676 deliver_time, outgoing_port, return_path_on_delivery.
677
67811. New global options smtp_active_hostname and tls_require_ciphers.
679
68012. Exinext has -C and -D options.
681
68213. "domainlist_cache" forces caching of an apparently variable list.
683
68414. For compatibility with Sendmail, the command line option -prval:sval
685 is equivalent to -oMr rval -oMs sval.
686
68715. New callout options use_sender and use_postmaster for use when verifying
688 recipients.
689
69016. John Jetmore's "exipick" utility has been added to the distribution.
691
69217. The TLS code now supports CRLs.
693
69418. The dnslookup router and the dnsdb lookup type now support the use of SRV
695 records.
696
69719. The redirect router has a new option called qualify_domain.
698
69920. exigrep's output now also includes lines that are not related to any
700 particular message, but which do match the pattern.
701
70221. New global option write_rejectlog. If it is set false, Exim no longer
703 writes anything to the reject log.
704
705****